Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-12 | CVE-2020-9543 | Incorrect Default Permissions vulnerability in Openstack Manila OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. | 6.5 |
| 2020-03-11 | CVE-2020-9408 | Incorrect Default Permissions vulnerability in Tibco products The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker with write permissions to the Spotfire Library, but not "Script Author" group permission, to modify attributes of files and objects saved to the library such that the system treats them as trusted. | 9.0 |
| 2020-03-09 | CVE-2020-5342 | Incorrect Default Permissions vulnerability in Dell Digital Delivery 3.5.1/3.5.2/3.5.2006 Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. | 7.2 |
| 2020-03-03 | CVE-2019-19792 | Incorrect Default Permissions vulnerability in Eset Cyber Security A permissions issue in ESET Cyber Security before 6.8.300.0 for macOS allows a local attacker to escalate privileges by appending data to root-owned files. | 7.2 |
| 2020-02-27 | CVE-2020-3838 | Incorrect Default Permissions vulnerability in Apple products The issue was addressed with improved permissions logic. | 9.3 |
| 2020-02-22 | CVE-2020-9039 | Incorrect Default Permissions vulnerability in Couchbase Server Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).The /settings REST endpoint exposed by the projector process is an endpoint that administrators can use for various tasks such as updating configuration and collecting performance profiles. | 7.5 |
| 2020-02-13 | CVE-2020-0564 | Incorrect Default Permissions vulnerability in Intel Raid web Console 3 4.186/7.009.011.000 Improper permissions in the installer for Intel(R) RWC3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
| 2020-02-13 | CVE-2020-0562 | Incorrect Default Permissions vulnerability in Intel Raid web Console 2 Improper permissions in the installer for Intel(R) RWC2, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
| 2020-02-13 | CVE-2020-0560 | Incorrect Default Permissions vulnerability in Intel Renesas Electronics USB 3.0 Driver Improper permissions in the installer for the Intel(R) Renesas Electronics(R) USB 3.0 Driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
| 2020-02-13 | CVE-2020-0023 | Incorrect Default Permissions vulnerability in Google Android 10.0 In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user contacts over bluetooth due to a missing permission check. | 4.7 |